A Defensible Standard of Care...

Integrity & Ethics: Whistleblower Risk...

2011-12-18T05:02:00.001-05:00

Operational Risk Management in your organization may be in need of a more robust awareness campaign. Malfeasance and ethical wrongdoing is continuously perpetuated in the workplace when those who are victims or witnesses refuse to speak up. Many fear the retaliation by supervisors or other co-workers. This study emphasizes the issue at hand:Labaton Sucharow LLP yesterday announced the results of

Deepwater Energy Risk: Protecting Business Performance...

2011-10-01T05:09:00.001-04:00

The Operational Risk professionals are applying the use of effective software tools in the Energy Sector. After all, the core disciplines of OPS Risk lie with safety and security and the current reality of deepwater drilling beyond 8,000 feet of ocean is here now.There are few organizations that understand the risks associated with drilling and capturing precious natural resources under these

Legal Risk: General Counsel Digital Leadership...

2011-07-30T05:04:00.001-04:00

Operational Risks continue to plague any senior manager with the title of "Corporate General Counsel". "Achieving a Defensible Standard of Care" remains ever so challenging. General Counsel digital leadership is required by the Board of Directors. A recent Corporate Executive Board Report outlined some of their top line issues in a recent Corporate Counsel article by Catherine Dunn: 1.

ISO 28000: Bankers Exposed to Supply Chain Risk...

2011-07-09T05:07:00.000-04:00

The banking institutions of the globe are on high alert. The Operational Risk doctrine is finally getting beyond the historical threats of fraud and rogue traders to the "New Normal" of other significant business disruptions. It's been on the horizon for some time, yet now Basel is finally enhancing the rules that have so far been ignored or given little consideration:Banks should bolster their

FCPA Alert: Dodd-Frank vs. Powerball...

2011-06-18T05:01:00.001-04:00

Board Directors are ever more tuned into the recent 2011 case settlements in Foreign Corrupt Practices Act (FCPA) violations. This is because Operational Risk Professionals are being much more proactive than years past on uncovering malfeasance in the supply chain operations of major global conglomerates: • Notable 2011 FCPA Settlements. 2010 was a record year for FCPA enforcement, and thus far

OPSEC: TQM in the Defense Industrial Base...

2011-05-28T05:09:00.000-04:00

OPSEC in the Defense Industrial Base (DIB) is on high alert since the RSA SecureID vulnerability was revealed several months ago. The Operational Risks Management discipline is now ever so pervasive in private sector companies who have outsourced national security programs. When top secret information is at risk, the game plan shifts from a single company incident to a federal priority. By Jim

Rule-based Design: The Future of HSI...

2011-03-27T05:03:00.001-04:00

Levers in the Homeland Security Intelligence (HSI) ecosystem impact the performance and the health of the environment that the entities are sharing their respective insights. These HSI entities are people within the analytic ecosystem who are diverse in the art and science they utilize to create and share insight. The threat to any ecosystem in many cases is "too much" or "too little" of a key

New Vision: Security Operations Center and CIU...

2011-02-20T05:05:00.002-05:00

The key Operational Risk Management news from this years RSA Conference is now coming in, yet there are inside sources who still need to be interviewed. What did they think was the most brilliant presentation or idea(s) presented? This particular release caught some eyes as it addresses much of the thinking on the latest evolution of the Security Operations Center (SOC): New Vision for Security

LEO: The Economics of Remote Digital Forensics...

2011-02-07T05:03:00.000-05:00

At the speed of the modern global enterprise, cyber incidents are a growing component of operational risk, according to 1SecureAudit Managing Director and Chief Risk Officer Peter L. Higgins. Digital forensics intelligence provides analysts, investigators and management the ability to make more informed decisions regarding a prudent course of action. Utilizing digital evidence can mean the timely

Digital Paradox: Privacy v. Security...

2011-01-22T05:04:00.001-05:00

The media communications and advertising industries are buzzing over the new U.S. Federal Trade Commission report and framework entitled: Protecting Consumer Privacy in an Era of Rapid Change. The Operational Risk Management implications to your enterprise could be significant if you currently do not understand how your marketing department provides disclosures or manages consumer collected

Stuxnet: Digital Sabotage of Critical Infrastructure...

2010-10-04T05:05:00.001-04:00

The Chief Information Security Officer's (CISO) are getting significant new understanding of the new threat emerging in the digital domains. The Energy, Chemical, Water, Transportation and other Critical Infrastructure sectors are on high alert. The Operational Risks associated with their Programmable Logic Controller (PLC) systems using Siemens technologies are being attacked. Stuxnet is

Workplace Violence: Cues and Clues to Teach...

2010-09-28T05:07:00.001-04:00

Operational Risk Management is your foundation for crisis leadership. All work locations have distinct categories of threats that are relevant to the site, people and type of business. Assessing the violent factors is the role of FBI profiler Mary Ellen O'Toole and there are four categories according to a study entitled: "The School Shooter: A Threat Assessment Perspective."A Direct

China Syndrome: FCPA & Rating Agencies...

2010-09-18T05:09:00.000-04:00

A modern day "Operational Risk China Syndrome" is making the Board of Directors nervous these days. The new syndrome otherwise called the Foreign Corrupt Practices Act (FCPA) has been the buzz at rating agencies for months. Are you sure about your ability to withstand the scrutiny of a FCPA litmus test? Board Member Magazine explains: On June 2nd, Fitch Ratings agency announced that

Digital RubiCON: The Fifth Domain...

2010-08-29T05:08:00.000-04:00

Operational Risk Management is a continuous process in the context of our rapidly expanding corporate environments. What is one example? People traveling to emerging markets to explore new business opportunities or new suppliers that will be connected by high speed Internet connections to the supply chain management system. These boundaries of managing operational risk, have not only

Employee Misconduct: Mitigating Insider Risks...

2010-07-29T05:03:00.000-04:00

The new Verizon Cyber Report is a valuable read for OPS Risk professionals that focus on data breach and incident response. The full breach report can be found at this link at Verizon Business.We have to agree with the observations made by Brian Krebs on the following topic in the report:A key finding in this year’s report is that most companies suffering breaches missed obvious signs

Workplace Privacy: Ontario Prevails on Data Audit...

2010-06-22T05:08:00.000-04:00

Operational Risk Management professionals in corporate America have been following the Quon vs. City of Ontario case for five plus years. Now the Supreme Court of the United States has ruled 9-0 to increase the clarity on the new age of electronic privacy in the workplace. The LA Times explains:Washington…In its first ruling on the rights of employees who send messages on the job, the

Information Threat: Battle for Superiority...

2010-05-11T05:19:00.000-04:00

What continues to be the greatest economic threat to your organization? Is it "Internal" or "External" to your institution? Could it be both? Insiders rarely work alone and therefore the nexus with some outside influence, whether it be a person, life factors or some other entity are typically in play.Is an engineer in R & D copying precious intellectual property information from within

FCPA: OPS Risk in Pharma & Small Business...

2010-04-24T05:05:00.001-04:00

If you are a large U.S. based pharmaceutical company the odds are that over a third of your annual sales are overseas. Selling drugs in the EU, Asia and South America into the health care systems is a tremendous pipeline for Eli Lilly, Pfizer and others who find these markets hungry for their products. What kind of Operational Risks might exist for these firms and should be on "Red Alert"

CIU: Corporate Intelligence Unit...

2010-04-01T05:11:00.002-04:00

In a recent 2010 CSO Magazine sponsored eCrime Digital Watch Report and survey of 535 companies there are some observations on Operational Risk Management worth examination.This report was focused on the "Insider Threat" and the area of concern is on "Digital Incidents by Insiders:"Past 12 months the number of incidents reported increased 16%The per incident monetary loss (mean) was

Legal Risk: Forensic Intel for Investigations...

2010-03-22T05:06:00.002-04:00

A wide spectrum of Operational Risk incidents are in the news. Executive Management in the private sector, law enforcement and the military are investigating cases of identity fraud, cyber hacking and insider digital sabotage, transnational economic crime, intellectual property theft, ACH cyber robbery, counterfeiting, workplace violence and industrial espionage.

ID Risk Management: Dubai Investigation Links to Workplace Violence...

2010-03-02T05:04:00.000-05:00

What is your name? Where do you live? What is your phone number? Where were you born? What is your social security number? What is your passport number? Where was it issued? What evidence do you have that this is all true? Your identity is at stake and Operational Risk Management is on the line.These questions and more are asked of us on a regular basis to establish our true identity. The entity

NIS: Homeland Security & Economic Espionage...

2010-02-23T05:03:00.000-05:00

The National Intelligence Strategy (NIS) of the United States was published in August of 2009.The tone at the top of your enterprise will go a long way if you ever end up in litigation associated with the Economic Espionage Act of 1996 or even the Foreign Corrupt Practices Act. As a CxO with the ultimate responsibility for the resilience of your organization, pay attention. The internal threats

Legal Risk: Early Case Assessment...

2010-02-05T05:08:00.001-05:00

After a few days at LegalTech New York this week, it's now confirmed that a very small percentage of small to medium enterprises (SME) are truly ready for the Operational Risk of litigation. How can a General Counsel achieve a defensible standard of care in this vast sea of software, technology and vendors that are trying to address the modern day business problem called "Electronic Stored

Intelligence-led Investigations: DecisionAdvantage...

2010-01-22T05:07:00.000-05:00

Operational Risk incidents are surrounding us on a global basis. The continuity of operations in the rescue and relief efforts in Haiti. The security of information and Internet politics with Google and 30+ other companies. A growing AQAP threat after Ft. Hood and NW 253 while Islam converts flock from US prisons to Yemen to drink the "Shariah" Kool-aide. The economic integrity of global

Deja Vu: Operational Risk in Decade Past...

2010-01-05T05:08:00.000-05:00

The WWW is dynamic and the operational risks you take while navigating it's vast depth and breadth is part of the process. Who or what should you trust? As an example, at this very moment when you search Google for Operational Risk Management it returns this blog as the number #1 top link. Perhaps that is how you arrived here at this blog on Operational Risk.You trusted Google that when you

Legal Doctrine: Intelligence - led Threat Assessment...

2009-12-10T05:02:00.001-05:00

Corporate Threat Assessment is gaining new momentum as "Operational Risk Management" professionals utilize new business processes and tools to preempt human malfeasance. Whether it is the disgruntled employee who has just been separated from the company or the college student who acts against his math teacher for grades; the question remains: How could this have been prevented?The Washington Post

Legal Risk: The Art of Compliance...

2009-10-29T05:08:00.000-04:00

Risk Management is on the mind's of Corporate Directors and in some interesting places according to a recent poll by PWC and Corporate Board Member Magazine:How has your personal risk as a director changed in the past 12 months?Increased 69%No change 30%Decreased 1%Some risks are tough to name...What keeps you up at night?Unknown risks 59% ...while others are identifiable.Do you think regulators

Irregular Warfare: 21st Century Corporate Battlefield...

2009-10-13T05:04:00.000-04:00

The safety and security of your corporate assets is a Board of Directors level issue. The loss events including adversarial litigation for errors, omissions, or just plain ignorance of regulatory compliance are gaining momentum. These Operational Risks associated with human behavior and the daily tasks performed on the job remain a vast vulnerability within the corporate enterprise. Why?The

Remote Digital Forensics: Complacency Risk...

2009-10-01T05:03:00.000-04:00

Operational Risk Management commands a spectrum of disciplines within the global corporate enterprise. While convergence of responsibility, accountability and resources is taking place the internal threats continue to flourish. Why? How could a Chief Security Officer (CSO) not be aware of a specific threat to the institution by unknown subjects half way around the world? The transnational

Threat Management Team: Preemptive Risk Strategy...

2009-09-24T05:05:00.001-04:00

The Corporate Threat Management Team (TMT) has been busy this past year and your employees are consistently seeing new and startling behavior beginning to emerge. These small and versatile task forces within corporate Operational Risk committee members include the Chief Security Officer, Human Resources (EAP), Ethics & Compliance, General Counsel and Chief Information Officer or Privacy

Red Zone: Behavioral Analysis Interviews...

2009-09-07T05:30:00.000-04:00

Industrial Espionage and the theft of trade secrets is on every Operational Risk Management executives mind these days. The recent milestone conviction under the Economic Espionage Act of 1996 in the United States marks the starting point for accelerated investigations by the counter intelligence and OPSEC units of major public and private organizations:A former Rockwell and Boeing engineer from

Health Care: Operational Risk on Steroids...

2009-08-24T05:08:00.001-04:00

Health Care Sector Operational Risk Management is on the front burner once again. Recent changes to federal law governing health information suggest expanded regulation, increased enforcement, and significantly enhanced penalties could be on the horizon for businesses not previously subject to HIPAA. The Health Insurance Portability and Accountability Act (HIPAA), which was amended by the

Red Flags Rule: Reputations at Stake...

2009-07-31T05:10:00.001-04:00

The "Red Flags Rule" is on the back burner in the United States until November 1, 2009. The Federal Trade Commission has delayed the compliance mandate again. Are you ready? Do you have to comply?The Federal Trade Commission has postponed a deadline for many of the nation's businesses -- including banks, public utilities and health-care providers -- to comply with a controversial identity-theft

FCPA: Modern Day "Smoking Gun"...

2009-07-18T05:05:00.001-04:00

Corporate malfeasance is on the mind of most global executives today. Their enterprise is consistently fighting the economic challenges and at the same time defending it's reputation as new "Smoking Guns" are revealed. Perhaps these modern day discoveries of wrong doing should be renamed "Smoking Digital Evidence" because this is exactly what it is. Information uncovered through normal monitoring

Trusted Systems: Human Factors in Play...

2009-07-09T05:05:00.000-04:00

The case is U.S. v. Dreier, 09-cr-00085, U.S. District Court, Southern District of New York (Manhattan). It's only the beginning of a long hard road for many unidentified subjects (unsubs) as the fall out from the U.S. Economic crisis uncovers who was stealing others peoples money for their own fraudulent schemes. Marc Dreier, the New York law firm- founder who pleaded guilty to defrauding

Digital Forensics: Right to Question CSI's...

2009-06-26T05:02:00.002-04:00

The US Supreme Courts ruling in MELENDEZ-DIAZ v. MASSACHUSETTS will have significant impact on Digital Forensics expert practitioners. Legal cases utilizing the examination of computers and other digital assets containing relevant information will have more testimony by CSI analyst experts. The New York Times report by Adam Liptak says:Crime laboratory reports may not be used against criminal

4GW: U.S. CyberSpace OPS Risk...

2009-06-11T05:08:00.000-04:00

The Washington, DC beltway bandits are buzzing in anticipation of President Obama's selection for the next defender and policy maker for United States CyberSpace. We wonder what branch of the armed forces s/he will be associated with and to what degree they gain the agreement of the power base that CyberSpace is indeed a "Strategic National Asset", once and for all.Meanwhile, OPS Risk Managers

Continuity of Operations: Mother Nature or Active Shooter...

2009-06-02T05:02:00.000-04:00

Continuity of Operations in the context of business gets on the Board of Directors agenda after every tragedy. Whenever the magnitude of the business disruption involves loss of life, or major property damage the executive management goes into "Crisis Management" mode. Unfortunately for many, this may be the only time the Board and corporate executives have tested or exercised for such an

OPS Risk: Military Lesson for Wall Street...

2009-05-20T05:08:00.001-04:00

Air Force Brig. Gen. Mark W. Graper, the 354th Fighter Wing commander at EIELSON AIR FORCE BASE Alaska has captured the essence of Operational Risk Management. Corporate Executives and mid-level management should have this made into a poster for their office and hanging in every hallway:Summer is just around the corner, and many of us are planning for our favorite warm weather activities -

Human Factors: Early-Warning System...

2009-04-25T05:09:00.000-04:00

Predictive Intelligence And Analytics From 1SecureAudit Provides Transnational Organizations With A Preemptive Human Factors Early-Warning SystemAccording to Managing Director and Chief Risk Officer of 1SecureAudit, Peter L. Higgins, the complexity of today's extended global enterprises requires a new governance lens to view hidden insider risks and to guide management executives to

Economic Impact: Proving the Truth...

2009-04-07T05:05:00.003-04:00

The Madoff investigations into so called "feeder firms" are now gaining momentum. The question on who are the victims and where fraud is suspected continues it's due course. The process of client referrals is not a crime and allegations that correlate this with fraudulent behavior is a flawed mindset. The current basis in the Merkin case has more to do with non-disclosure of where clients

Unthinkable: Adapting in New World Disorder...

2009-03-24T05:05:00.000-04:00

35 million electronic records of Personal Identifiable Information (PII) was exposed in 2008. Up 47% according to reports by the Identity Theft Resource Center (ITRC) compared to the previous year.Will 2009 bring more data breaches, lost laptops and insider theft than 2008? You can bet on it and this is why CSO's, CPO's and General Counsels are getting their teams ready. When the enemy is

Compliance: Workplace Security, Ethics & Governance...

2009-03-07T05:07:00.000-05:00

Bernie Madoff clones and the 11,000 other unregulated investment advisors across the US will be subjected to increased scrutiny in 2009 and beyond. The SEC, FINRA, US Treasury FINCEN, FBI and the tribe of banking regulators are all gearing up for audits, inspections and more granular forensic accounting examinations.Fraud and the corruption of corporate America is hard to detect. Even more

Oversight Risk: Evidence of Compliance...

2009-02-21T05:26:00.000-05:00

In light of the tremendous announcements of corporate and financial malfeasance over the past few months, there is a "cramdown" in the works. The US Office of the Special Inspector General for the Troubled Relief Asset Program (SIGTARP) is gearing up.The Office of the Special Inspector General for the Troubled Asset Relief Program ("SIGTARP") was established by the Emergency Economic

PII: Achieving a Defensible Standard of Care...

2009-01-26T05:07:00.002-05:00

A data security breach of "Personal Identifiable Information" (PII) will impact your organization in the future. This incident is no different than other Operational Risk loss events to your global enterprise this year, such as occupational fraud or the settlement of a lawsuit. Correct?This time however, the difference is that now your own employees or your customers are the victim. Their PII has

2009 Outlook: OPS Risk Top Priorities...

2008-12-31T05:01:00.000-05:00

In light of the 2009 outlook and the fact that Operational Risk is now a much greater priority, here are vital areas to focus on for the New Year. As restructuring, downsizing, layoffs and overall corporate strategy and governance initiatives are kicked-off for the 2009 calendar year; here are the top priorities according to Peter L. Higgins, Managing Director of OPS Risk advisory firm

Security Governance: Siemens FCPA guilty plea...

2008-12-22T05:07:00.000-05:00

One only has to look a few layers deep into the corporate hierarchy, to see the root cause of why Siemens AG violated the Foreign Corrupt Practices Act (FCPA).At a hearing before U.S. District Judge Richard J. Leon in the District of Columbia, Siemens AG pleaded guilty to a two-count information charging criminal violations of the FCPA’s internal controls and books and records provisions. Siemens

OPS Risk: Tsunami of Fraud...

2008-12-15T05:08:00.000-05:00

Just when you think you have avoided the major risk of the credit crisis, HSBC may have been one of many banks exposed to the Bernard Madoff "tsunami of fraud".Banks and investment funds across the world lined up on Monday to admit investing billions of dollars in the companies of Bernard Madoff, whom U.S. authorities accused of masterminding a massive fraud. HSBC Holdings was the latest bank to

QFD: The End of Compliance...

2008-11-25T05:01:00.002-05:00

Corporations will continue to be responsible for the criminal behavior and actions of their employees, 3rd party suppliers and other contractors for at least the near term. In a case that has the defense legal eagles and "Usual Suspects" arguing against the corporate liability issue, the intent is getting cloudy or is it crystal clear?But in a case now pending before the 2nd U.S. Circuit Court of

Corporate Counsel: OPS Risk Priorities...

2008-11-14T05:09:00.004-05:00

As General Counsel are you keeping up with the latest technology being deployed in your enterprise? Do any of your employees use Twitter? What about your "Generation Y" and the use of P2P file sharing programs. Does your CxO in charge of Safety, Security, Investigations and Corporate Integrity have the latest report on employee violations of your Information Assurance and Acceptable Use

EESA: Oversight & Legal Filings...

2008-10-22T05:04:00.000-04:00

What is on the mind of GCs in the United States and United Kingdom? What are they saying about the costs of litigation, labor and employment, the financial/subprime crisis, regulatory investigations and FCPA, e-discovery preparedness and patent infringement claims. A Fulbright & Jaworski 5th year survey, gets the answers from 350 senior-level executives. Lawsuit fears also vary across the

2008-10-17T05:06:00.000-04:00

A few years ago there was an anonymous posting on CSO Online about "Doing the Right Thing". It could only be about the rules and policies set down by the ethics committee. Right?"Directors and executives now must take an active leadership role for the content and operation of compliance and ethics programs," the U.S. Sentencing Commission's statement reads in part. "Companies that seek reduced

FCPA: 21st Century Investigations...

2008-10-07T05:05:00.000-04:00

Intellectual property theft, corporate espionage, transnational economic crime and the Foreign Corrupt Practices Act (FCPA) are on collision course with international 21st Century investigators. New age professionals who were almost born with a keyboard or PDA in their hand; remain ever vigilant.The use of third parties, offshore banking and other avoidance mechanisms such as Black Market Peso

A Perfect Storm: OPS Risk & The Asian Factor...

2008-09-08T05:15:00.000-04:00

The forensic professionals have been busy at Freddie Mac and Fannie Mae over the past six months, and we are only looking at the tip of the ice berg. The results are in and Uncle Sam (US) is now adopting them in order to try and achieve new corporate governance and operational risk management objectives. The "Asian Factor" is a major influence in this decision.The historic announcement has been

EDD Overload: Modern Incident Response...

2008-09-02T05:06:00.000-04:00

Remote Digital Forensics is quickly migrating into a vast science that requires a sound combination of both legal and technical expertise. The EDD process has been helpful in educating the marketplace about the industry and the steps that are necessary for a complete and thorough eDiscovery review. However, relevancy and precision is highlighted here by Richard Betjlich: Why copy a 2-

ESI: Federal Civil eDiscovery...

2008-08-11T05:06:00.000-04:00

The San Francisco DA "Operational Risk" factors have spiked now that they have released passwords in public documents for their internal VPN networks.The office of San Francisco District Attorney Kamala Harris has made public close to 150 usernames and passwords used by various departments to connect to the city's virtual private network. The passwords were filed this week as Exhibit A in a court

ESI Risk: Seizing Electronic Evidence...

2008-07-28T05:29:00.000-04:00

In this issue of Board Member Magazine, Lisa Ferri reminds us of the importance of the risk of Electronic Evidence.If the only thing better than learning from your mistakes is learning from the mistakes of others, then directors need to take a lesson from Philip Morris. A few years ago the tobacco giant was slapped with a $2.75 million fine by a federal court. The offense? Wrongful destruction of

Directors Q & A: Outside Counsel Risk...

2008-07-01T05:04:00.000-04:00

Every Board Member needs to ask "Six Legal Questions" of corporate management because the answers will help you determine what law firms your company should fire, or even consider hiring. This special report by Randy Myers in Corporate Board Member highlights the Operational Risk of litigation and whether you are prepared for offense, defense and the next reputation scandal:How well do our

ESI: The Economics of Litigation...

2008-06-18T05:00:00.000-04:00

The operational risk and complexity of eDiscovery is increasing and the economic impacts are becoming a Board Room topic of debate. This study from RAND by James N. Dertouzos, Nicholas M. Pace, and Robert H. Anderson opens up some of the serious implications of Electronically Stored Information (ESI) as it pertains to this research: Business litigants display a mix of optimism and concern about

Legal Ecosystem: Survival of the Fittest...

2008-05-08T05:08:00.000-04:00

The life cycle of monetary policy and financial fraud is being mapped once again in concert with new investigations into corporate malfeasance. As economic trends run their systemic course so do the highs and lows of human behavior to create new schemes to defraud customers, partners and even fellow employees.Prosecutors in the Eastern District of New York in Brooklyn are stepping up their

Corporate Governance: Testing for Organizational Disease...

2008-04-28T05:03:00.001-04:00

In our continuing series on Security Governance we now turn to Corporate Governance: Testing for Organizational Disease.It's been three years since a 25 year sentence was handed down in the Worldcom corporate governance and fraud case, it's obvious that prosecuting white collar crime cases is a real challenge.In the HealthSouth Corp. fraud trial, the jury made a different decision and the CEO

Rule-Set Reset: Evidence Life Cycles...

2008-04-06T05:06:00.001-04:00

Here are a few of the "Top of Mind" topics these days at the nexus of Legal Risk and "Defining the New Rules Sets" for Information Management and Digital Forensics. What is a "Rule-Set Reset"?When a crisis triggers your realization that your world is woefully lacking certain types of rules, you start making up those new rules with a vengeance (e.g., the Patriot Act and the doctrine of preemption

Information Risk: The Zero's & One's Don't Lie...

2008-03-18T05:06:00.000-04:00

The Bear Stearns implosion has been predicted as a casualty of failed hedge funds. These entities are less regulated than banks and don't have to keep a minimum capital reserve. The limits on the amount of leverage they utilize can sometimes come back to burn you.Angry Bear Stearns Co Inc shareholders have wasted no time in bringing legal claims following the company's stunning stock collapse and

Lessons Learned: The Impact of Executive Decisions...

2008-02-27T05:08:00.000-05:00

In times of economic downturn the Operational Risks within your institution will begin to rise. Enron, Worldcom and HealthSouth are the few names people recognize as the major casualties of the last significant dip in our economy. When times get tough, people get desperate and try to keep the schemes and any red flags from being discovered.So what are some of the areas that encompass Operational

ESI Lessons Learned: CREDO & Qualcomm...

2008-02-05T05:06:00.000-05:00

Qualcomm Inc. v. Broadcom Corp., Case No. 05cv1958 (BLM) (S.D. Cal.), issued on January 7, 2008, should be a major wake-up call for corporate litigants. (The U.S. District Court for the Southern District of California) This case is about electronically stored information (ESI) and the ability to manage and produce the correct records at the time requested.Evidence Lifecycle Management (ELM) is

IPR Risk: Beijing Olympics 2008 & Beyond...

2008-01-17T05:20:00.000-05:00

The global corporate security directors have been planning for the 2008 Olympic Games in China for well over a year now. Company employees of Fortune 500 institutions who are in the intellectual property and branding departments have been working feverishly for even longer. What do the two have in common?Safety, Security and Intellectual Property Rights (IPR) Protection to name a few. The stakes

FRE 502: Evidence & Digital Discovery...

2007-12-20T05:03:00.000-05:00

What could the implications of this ruling be for employees in New York state? Scott v Beth Israel Med. Ctr. Inc.The writing is on the wall with the attorney-client privilege and Federal Rules of Evidence 502. A review of current e-mail policy may also be in order at your institution if you plan on achieving "A Defensible Standard of Care."On December 11, 2007, Senator Patrick Leahy, Chair

The GC: The Truth Can Be Adjusted...

2007-11-22T05:19:00.000-05:00

If you are a General Counsel (GC) today for an organization doing business on a global basis, your Blackberry must be "buzzing" every few minutes. The legal risk being encountered will always be a factor of the number of deals, the number of employees and the growing number of countries you do business in.As a corporate GC of a global enterprise, you have a fiduciary responsibility to protect the

Red Flags: The Oracle of Omaha...

2007-11-01T05:08:00.000-04:00

What do you do when you see a "Red Flag"? This was the question posed to Directors in a recent poll by Corporate Board Member Magazine in the November/December 2007 issue. C. Warren Neel the Executive Director of the Corporate Governance Center, at the University of Tennessee could not have answered this any better:I don't want to see it; I want to "hear" the red flag before I see it. I want to

3rd Party Outsourcing: Compliance Management...

2007-10-19T05:22:00.000-04:00

Hedge Funds who require outsourcing products or services in conjunction with their broker-dealers and clearing banks are still under the "Regulators" microscope. The focus on "Red Flags" is a continuous challenge in addition to the latest operational risk mandates and due diligence on 3rd parties.This was highlighted by Geofrey L. Master of Mayer Brown last May in one of his articles from Mondaq:

A Defensible Standard of Care: Six Million Reasons...

2007-09-20T12:10:00.000-04:00

There are 6,000,000 reasons why Operational Risk at TD Ameritrade is in the Red Zone this week as a result of what seems to be a case of malicious code discovered last week, or over a year ago.This author received a recent letter from TD Ameritrade regarding their so called pseudo "breach". And we quote: "While investigating client reports about the industry-wide issue of investment-related

2007-09-14T05:28:00.000-04:00

True or false: A large corporate private sector company hires an outside counsel to investigate an employee suspected of fraud. The outside counsel hires a fraud examiner to look into the facts. The fraud examiners report to the outside counsel will assist in determining whether a crime has been committed. The report and the communications with the outside counsel are protected confidential work

BSA/ AML: Testing the Channel...

2007-08-30T05:00:00.000-04:00

Legal compliance with the Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) is a complex and growing concern by regulators, enforcement and Operational Risk Executives. In the United States, the FFIEC (Federal Financial Institutions Examination Council) has published the latest Examination Manual to provide guidance:Enterprise-Wide BSA/AML Risk AssessmentHolding companies or lead financial

ESI: Authenticity of Evidence...

2007-08-13T05:00:00.000-04:00

Legal opinions on the admissibility of evidence and electronically stored information (ESI) are becoming more prevalent and increasingly relevant to Operational Risk Management:In Lorraine v. Markel, authentication of information is a key issue in the ruling. Maryland Courts Watcher caught this ruling and our eye recently. "In its 101 page opinion, the court dedicated at least 90 pages to

4GW: Trusted Information Class Actions...

2007-07-17T05:08:00.000-04:00

The SEC is in the middle of a Supreme Court battle and they have called in the "A" team to assist. Former SEC officials William H. Donaldson, Arthur Levitt and Harvey J. Goldschmid want to expand investors' abilities to sue in frauds:The big-money issue has mobilized lawyers who bring class-action lawsuits and the companies and executives they target in one of the most important securities-law

ECM Security: Trusted Information...

2007-07-03T16:14:00.000-04:00

When it comes to Enterprise Content Management (ECM), security is an issue that continues to challenge most vendors. John Newton is in search of topics at AIIM that address the security needs of the market place:Content LogCommon identity. There needs to be a common way of addressing identity between different services whether those services are in the enterprise or outside.Common Models for

Enterprise Resilience: Compete or Die...

2007-06-30T17:44:00.000-04:00

Enterprise Resilience is the road to competitiveness. It is the global answer to many of the Chief Security Officers (CSO) who have faced the troublesome battle of selling more "Fear and Doubt" to the CEO. When Deborah Wince-Smith stood up on the stage at the 21st Annual Security Briefing at OSAC last November 16th, 2006, her words were music to our ears:It is undeniable that the world has gotten

Insider Threat: Web 2.0 Wild West...

2007-06-26T17:01:00.000-04:00

The Insider Threat is an Operational Risk that will never go away. It is without a doubt going to be a continuous issue for the Board of Directors, Corporate Management and shareholders for years to come. Fortunately, justice has recently sent a clear message about the implications of unleashing malicious code on a network.The former systems administrator convicted this past summer of launching

White Collar Crime: Enduring Truth...

2007-06-20T08:26:00.000-04:00

In the 19th century a famous sleuth by the name of Al Pinkerton was quoted:"A professional should possess the qualifications of prudence, secrecy, inventiveness, persistency, personal courage, and above all, honesty."Inside the walls of global enterprises are the ticking time bombs waiting for the next opportunity to rationalize their malicious acts upon the organization. Individuals with

FACTA: The Writing is on the Wall...

2007-06-19T09:09:00.000-04:00

Now that the financial community is wiping their brow with a sigh of relief on this latest Supreme Court ruling, what can a General Counsel or Chief Risk Officer expect? Will the adversarial train of plaintiff suits slow down and come to a halt. Not likely.The U.S. Supreme Court's ruling that blocks investors from suing Wall Street investment banks under antitrust laws could save Wall Street

General Counsel: Information Security Nexus...

2007-06-16T10:53:00.000-04:00

A "Defensible Standard of Care" is a hot topic these days around the Board of Directors Audit Committee conference table. Information Security standards are consistently being discussed by the CIO and CSO in the context of compliance. So where is the nexus? Why is it so critical to enabling the enterprise business resilience of a global institution?The answers lie in the fundamental understanding

Making the Business Case for Enterprise Content Management...

2007-06-15T23:46:00.000-04:00

Making the Business Case for Enterprise Content Management: A Webinar On July 24, 2007, at 11:00 a.m-noon, EDT, KM World will be presenting a national webinar on how ECM champions can make a more successful business case for new ECM solutions. The webinar will feature Jeffrey Ritter and Walt Whalen of Waters Edge Consulting in a discussion of Waters Edge work in this area. If you wish

Welcome...

2007-06-15T23:32:00.000-04:00

This blog will explore trusted information and the nexus of information security and the law.